The Cover PagesThe OASIS Cover Pages: The Online Resource for Markup Language Technologies
Advanced Search
Site Map
CP RSS Channel
Contact Us
Sponsoring CP
About Our Sponsors

Cover Stories
Articles & Papers
Press Releases

XML Query

XML Applications
General Apps
Government Apps
Academic Apps

Technology and Society
Tech Topics
Related Standards
Last modified: December 05, 2007
XML Daily Newslink. Wednesday, 05 December 2007

A Cover Pages Publication
Provided by OASIS and Sponsor Members
Edited by Robin Cover

This issue of XML Daily Newslink is sponsored by:

Federating Identity for the Web
Phillip J. Windley, InfoWorld

Federated identity has long been a goal of many IT organizations. Empowering one organization to serve as an identity provider for another frees IT from having to manage the identities of partnering organizations' employees and customers, thereby facilitating the pursuit of competitive-advantage projects. In this era of increasing enterprise decentralization, thanks in large part to the Web, establishing a federated identity framework is fast proving as essential as it is hard to pull off. "user-centric identity" is a new approach to federation that has gained momentum as of late. Two technologies in particular have emerged to catch the attention of organizations looking to accelerate their federation efforts: CardSpace, a standard developed by Microsoft to provide a comprehensive solution to user-centric identity problems; and OpenID, a lightweight standard that's the result of the work of multiple companies to create identities based on URLs. CardSpace is built on standards such as WS-Trust, Secure Token Service, and WS-Security. As a result, CardSpace benefits from the public security reviews of these standards. And because both CardSpace and OpenID are open architectures, thorough security reviews of each are possible. The biggest threat to individuals is the so-called 'social engineering' that any identity system allows. Of these, phishing poses the biggest threat at present, and OpenID, like any Web-based authentication scheme, is especially vulnerable. CardSpace's identity selector was invented specifically to foil phishing and related attacks. Moreover, CardSpace's rigid insistence on a consistent user experience reduces the diverse authentication contexts users face when tapping Web-based authentication technologies, thereby increasing the likelihood that they will recognize something out of the ordinary when asked for credentials.

OpenID 2.0 Spec Approved
John Dorsey, Dr. Dobb's Journal

The OpenID Foundation announced the finalized version of OpenID Authentication 2.0 and the related OpenID Attribute Exchange 1.0 specifications. Three members of the OpenID Foundation announced the finalized versions of OpenID Authentication 2.0 and the related OpenID Attribute Exchange 1.0 spec on Monday. David Recordon, Dick Hardt, and Josh Hoyt, who participated in the authoring of OpenID, were attending the Internet Identity Workshop at Computer History Musuem in Mountain View, California when they announced the finalization of the specification, which defines a decentralized, open-source, single-sign on identity framework. OpenID has been adopted by AOL, LiveJournal, WordPress and thousands of other web sites to allow visitors to identify themselves without needing to create a new login or share sensitive information. Google's Blogger and the Drupal content management platform already support the new spec. The OpenID Attribute Exchange 1.0 spec, also announced on Monday, is a service extension that provides a mechanism for moving identity information between web sites. According to the OpenID web site: "As part of the IPR work over the past few months we've collected non-assertion agreements from contributors to both of these specifications as well as all past specifications. These agreements are a way for contributors (and others) to formally declare that they will not assert any patent rights against OpenID implementations. It's important to remember that this has been the work of many folks not only within the OpenID community but also the OpenID Foundation, AOL, Cordance, JanRain, Microsoft, NetMesh, Six Apart, Sxip, Sun Microsystems, Symantec, Verisign and Yahoo!. Microsoft was instrumental in helping with legal support and guidance combined with the insight of Sun and Yahoo! with their joint work in developing the right language. This is great news as it means that today not only is OpenID 2.0 final, but all of the contributors have sent a strong message that OpenID must be freely implementable world-wide."

See also: the OpenID web site

Microsoft Offers Volta Preview for Web Apps Development
Paul Krill, InfoWorld

Microsoft is releasing a technology preview of its Volta Web developer toolset, which is intended to make it easier to build multitier Web applications, including applications useful in SaaS (software as a service) environments. Volta furthers Microsoft's software plus services efforts, including SaaS, because it enables easier development of multitier applications, the company said. Volta takes advantage of technologies such as Microsoft's LINQ (Language Integrated Query) and AJAX (Asynchronous JavaScript and XML) and automates certain low-level aspects of distributing applications across multiple tiers. Developers can instead focus on distinguishing features of an application. End-to-end debugging and performance profiling are featured as well. Volta measures the speed and performance of an application to see how it performs on the client and server. Fine-tuned adjustments are enabled, such as moving a piece of code from the client to the server late in the development process. The secret sauce, so to speak, of Volta is its use of MSIL (Microsoft Intermediate Language), which is the language used to compile applications written in .Net languages. The MSIL-to-MISL rewriting technique employed in Volta takes post-compilation steps to rewrite client IL to run in JavaScript and rewrite server IL to run on ASP.Net. Web services are generated when IL is rewritten to ASP.Net.

See also: the Volta web site

Sun Announces Open-Source Awards Program
Eric J. Bruno, DDJ

Sun has announced that it will be offering approximately $1 million per year in awards to participants of any of several contests. Community involvement in any of the following six open-source initiatives is required: (1) GlassFish, Sun's open-source Java EE 5-compilant application server; (2) NetBeans, Sun's open-source IDE; (3) OpenJDK, the GPL-licensed open-source version of Java SE; (4), Sun's open-source office productivity suite; (5) OpenSolaris, the open-source version of the popular server OS, Sun Solaris; (6) OpenSPARC, an open-source community that works on chip design in the open for all to contribute. According to the announcement: "Sun Microsystems made a public commitment to Free and Open Source software (FOSS) and in doing so has contributed billions of dollars, as well as more code, to Free software than any other organization in the public or private sector. In addition to leveraging many industry-wide open source projects, Sun has taken the unique step of opening its core software, hardware and storage technologies and sharing them as Free and open source. This action enables Sun to build its products through the preferred means of co-production and to grow the potential market for Sun products and services by directly attracting users to a free platform, while allowing developers the freedom to identify new opportunities and therefore new markets for the technologies."

See also: the announcement

Adobe PDF Version 1.7 Close to International Standard
Antone Gonsalves, InformationWeek

The next version of Adobe (NSDQ: ADBE) Systems' PDF document format has received overwhelming approval from an international standards body, taking the format close to final adoption. Out of the 15 countries represented on the standards committee of the International Standards Organization, nine voted yes without comments and four gave their approval with comments, James King, PDF architect and senior principal scientist at Adobe said in the company's Inside PDF blog. France was the only member to vote against PDF 1.7, with Russia abstaining. Italy sent comments, but is a non-voting member of the panel. Overall, 205 comments were submitted, which means the concerns will have to be addressed before the file format becomes ISO standard 32000. King, who was nominated by the U.S. as technical editor, said he would prepare responses to all the comments in time for the January 21-23 [2008] meeting of the working group. The U.S. was the sponsoring country for PDF 1.7, and the one with the most comments (125). PDF is a popular electronic document format found in business, and Web publishing. Last month, Adobe and Yahoo unveiled plans to launch a service that would insert ads into online PDF documents, and share revenue with the publishers.

See also: the O'Reilly blog

The Google Widget Toolkit's AJAX Recipe: Less JavaScript, More Speed
Glen Kunene,

In this article, the co-creator of the Google Widget Toolkit (GWT) explains how his team plans to release a GWT version that compiles faster AJAX code than a JavaScript expert could write by hand. In a media briefing at the conference, Google Engineering Manager and GWT co-creator Bruce Johnson explained the mission his team undertook when Google open sourced GWT under the Apache 2 license in December 2006: create a better user experience by enabling Java developers to create high-performance web applications using only the Java tools they know rather than trying to master the JavaScript skills that are necessary for creating responsive web interfaces for all the browsers out there. "The average usability of web sites sucks," he said, citing all-too-familiar examples of web user headaches [...] GWT's goal is to free Java developers from having to make that choice by taking the client-side scripting out of their hands. GWT is composed of two components: an AJAX widget library and a cross-browser compiler that converts Java code into AJAX. Java developers can use each component independently if they choose to, but they don't have to write a single line of JavaScript code by hand. When asked to differentiate GWT from other freely available AJAX toolkits and frameworks such as Dojo, Prototype, and jQuery, Johnson emphasized Google's commitment to making AJAX faster and smaller (i.e., containing less JavaScript code). The GWT team uses a benchmarking subsystem to measure the performance of its compiled code for any given browser permutation, which enables them to "optimize like crazy." The result is an application like GWT mail sample, which Johnson cited for its speed. When GWT 1.5 arrives, Johnson said it will also offer full language support for Java 1.5 (Generics, etc.). This feature would enhance the current 1.4 version's features, notably AJAX internationalization, which uses message templates to enable developers to compile code for 400 locales from one code base, and browser history support. 2.3 Impresses
Tiffany Maleshefski, eWEEK

The release of 2.3 brings several significant improvements to the open-source office productivity suite, including easier upgrade paths for existing Microsoft Office users, improved measures to prevent security breaches, and an array of snazzy new features introduced in the suite's word processing, spreadsheet, presentation and database applications. Meanwhile, all-around improvements to the suite's presentation application, Impress, continue to give users some of the bells and whistles coveted in PowerPoint, such as the ability to now integrate sound across an entire presentation. General improvements made to the spreadsheet application, Calc, and word processing application, Writer, make the case for OpenOffice 2.3 as a potentially easier and definitely cheaper upgrade path for existing Microsoft Office users, who may be considering a transition to Microsoft Office 2007. Though file conversion fidelity continues to improve with each subsequent release of OpenOffice, file fidelity issues still surfaced in my tests, such as page-break issues discovered when trying to convert a Word-formatted document in Writer... 2.3's most persuasive set of features, however, continues to be that it is an entirely free product and supports seven platforms: Windows, Linux x86 and PowerPC, Solaris x86 and SPARC, Mac OS X and FreeBSD... I tested the most significant addition to OpenOffice's Writer application, the ability to export newly created files to the MediaWiki format, a feature-rich collaborative editing software that runs Wikipedia... I cut and pasted an entire document into a blank Wiki page and discovered that the italicized text made it through the conversion, as did the hyperlink. The underlined text and bold text, however, did not pass the test. Apostrophes also fared poorly, not maintaining their "smart quotes" status...

See also: the OpenOffice web site


XML Daily Newslink and Cover Pages are sponsored by:

BEA Systems, Inc.
IBM Corporation
Sun Microsystems, Inc.

XML Daily Newslink:
Newsletter Archive:
Newsletter subscribe:
Newsletter unsubscribe:
Newsletter help:
Cover Pages:

Hosted By
OASIS - Organization for the Advancement of Structured Information Standards

Sponsored By

IBM Corporation
ISIS Papyrus
Microsoft Corporation
Oracle Corporation


XML Daily Newslink
Receive daily news updates from Managing Editor, Robin Cover.

 Newsletter Subscription
 Newsletter Archives
Globe Image

Document URI:  —  Legal stuff
Robin Cover, Editor: